HP VSR1000 Virtual Services Router Layer 2 - WAN Access Command Reference Part number: 5998-4655 Software version: VSR1000_HP-CMW710-E0101P01-X64 Document version: 5W100-20130918...
Page 2
The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an...
Page 4
·········································································································································································· 41 reset counters interface ········································································································································· 41 shutdown ································································································································································ 42 Support and other resources ····································································································································· 43 Contacting HP ································································································································································ 43 Subscription service ·············································································································································· 43 Related information ························································································································································ 43 Documents ······························································································································································ 43 ...
Syntax display pppoe-client session packet dial-bundle-number number Views Any view Predefined user roles network-admin network-operator Parameters dial-bundle-number number: Specifies a dialer bundle by its number in the range of 0 to1023. If this option is not specified, this command displays protocol packet statistics for all PPPoE sessions. Examples # Display the protocol packet statistics for all PPPoE sessions.
Syntax display pppoe-client session summary dial-bundle-number number Views Any view Predefined user roles network-admin network-operator Parameters dial-bundle-number number: Specifies a dialer bundle by its number in the range of 0 to1023. If this option is not specified, this command displays summary information about all PPPoE sessions. Examples # Display summary information about all PPPoE sessions.
Default No PPPoE session is established. Views Layer 3 Ethernet interface/subinterface view Predefined user roles network-admin Parameters dial-bundle-number number: Specifies the dialer bundle number corresponding to a PPPoE session. A dialer bundle number uniquely identifies a PPPoE session. It can also be used as a PPPoE session ID. The value range for the number argument is 0 to 1023.
<Sysname> reset pppoe-client all Related commands dialer timer autodial (DDR commands) reset pppoe-client session packet Use reset pppoe-client session packet to reset the protocol packet statistics for a PPPoE session. Syntax reset pppoe-client session packet dial-bundle-number number Views User view Predefined user roles network-admin Parameters...
L2TP commands allow l2tp Use allow l2tp to configure an LNS to accept L2TP tunneling requests from a specified LAC, and to specify a VT interface for tunnel setup. Use undo allow to restore the default. Syntax For L2TP group 1: •...
HP recommends that you configure a default L2TP group on the LNS in the following cases: • There are LACs (such as hosts with Windows 2000 Beta 2 installed) that include blank local names in their tunneling requests. The LNS sets up tunnels with multiple LACs by using the same tunnel parameters.
default Use default to restore the default settings for a virtual PPP interface. Syntax default Views Virtual PPP interface view Predefined user roles network-admin Usage guidelines CAUTION: The default command might interrupt ongoing network services. Make sure you are fully aware of the impacts of this command when you execute it in a live network.
Parameters text: Specifies the interface description, a case-sensitive string of 1 to 80 characters. Examples # Set the description of Virtual-PPP 10 to virtual-interface. <Sysname> system-view [Sysname] interface virtual-ppp 10 [Sysname-Virtual-PPP10] description virtual-interface display interface virtual-ppp Use display interface virtual-ppp to display information about virtual PPP interfaces. Syntax display interface [ virtual-ppp ] [ brief [ down ] ] display interface [ virtual-ppp [ interface-number ] ] [ brief [ description ] ]...
Page 14
Internet Address is 10.0.0.1/24 Primary Link layer protocol: PPP LCP: initial Physical: L2TP Last clearing of counters: Never Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Input: 154 packets, 1880 bytes, 0 drops Output: 155 packets, 1875 bytes, 0 drops Table 3 Command output...
Page 15
Protocol: (s) - spoofing Interface Link Protocol Main IP Description VPPP10 10.0.0.1 aaaaaaaaaaaaaaaaaaaaaaaaaaa # Display information about the virtual PPP interfaces in physically down state and the causes. <Sysname> display interface virtual-ppp brief down Brief information on interface(s) under route mode: Link: ADM - administratively down;...
Field Description Causes for the physical state of the interface to be Down: • Not connected—No physical connection exists (possibly because the L2TP negotiation fails or insufficient configuration exists to trigger L2TP Cause negotiation). • Administratively—The interface was shut down by using the shutdown command.
Field Description Session state: • Idle. • Wait-tunnel—Waits for the tunnel to be established. • Wait-reply—Waits for an Incoming-Call-Reply (ICRP) message State indicating the call is accepted. • Wait-connect—Waits for an Incoming-Call-Connected (ICCN) message. • Established. display l2tp tunnel Use display l2tp tunnel to display information about L2TP tunnels. Syntax display l2tp tunnel [ statistics ] Views...
Field Description Sessions Number of sessions within the tunnel. RemoteAddress IP address of the peer. RemotePort UDP port number of the peer. RemoteName Name of the tunnel peer. Related commands reset l2tp tunnel interface virtual-ppp Use interface virtual-ppp to create a virtual PPP interface and enter its view. If the interface has been created, you directly enter its view.
undo l2tp enable Default The L2TP function is disabled. Views System view Predefined user roles network-admin Usage guidelines L2TP must be enabled for relevant L2TP configurations to take effect. Examples # Enable the L2TP function. <Sysname> system-view [Sysname] l2tp enable l2tp-auto-client Use l2tp-auto-client to trigger an LAC to automatically establish an L2TP tunnel.
[Sysname-Virtual-PPP1] l2tp-auto-client l2tp-group 10 Related commands l2tp-group l2tp-group Use l2tp-group to create an L2TP group and enter its view. Use undo l2tp-group to remove an L2TP group. Syntax l2tp-group group-number [ mode { lac | lns } ] undo l2tp-group group-number Default No L2TP group exists.
lns-ip Use lns-ip to specify LNS IP addresses on an LAC. Use undo lns-ip to remove the specified LNS IP addresses. Syntax lns-ip { ip-address }&<1-5> undo lns-ip Default No LNS IP addresses are specified. Views L2TP group view Predefined user roles network-admin Parameters { ip-address }&<1-5>: Specifies LNS IP addresses.
Predefined user roles network-admin Usage guidelines The LNS uses the LAC as an authentication proxy. The LAC sends the LNS all user authentication information from users and the authentication method configured on the LAC itself. The LNS then checks the user validity according to the received information and the locally configured authentication method. When mandatory CHAP authentication is configured, a user who depends on an LAC to initiate tunneling requests is authenticated by both the LAC and the LNS for increased security.
If you do not expect the LNS to accept LCP negotiation parameters, configure this command to perform a new round of LCP negotiation between the LNS and the user. In this case, the information sent by the LAC will be ignored. Some users might not support LCP renegotiation.
reset l2tp tunnel Use reset l2tp tunnel to disconnect a tunnel and all sessions within the tunnel. Syntax reset l2tp tunnel { id tunnel-id | name remote-name } Views User view Predefined user roles network-admin Parameters id tunnel-id: Specifies a tunnel by its local ID in the range of 1 to 65535. name remote-name: Specifies L2TP tunnels by the tunnel peer name, a case-sensitive string of 1 to 31 characters.
Views L2TP group view Predefined user roles network-admin Usage guidelines L2TP uses Attribute Value Pairs (AVPs) to transmit tunnel negotiation parameters, session negotiation parameters, and user authentication information. This feature can hide sensitive AVP data, such as user passwords. With this feature enabled, AVP data is encrypted before transmission with the key configured by using the tunnel password command.
When the device acts as an LAC, a change in flow control enable state on the LNS causes the same change in flow control enable state of L2TP sessions. When the device acts as an LNS, a change in the flow control enable state on the LAC has no effect on the flow control enable state of L2TP sessions.
Default No key is configured. Views L2TP group view Predefined user roles network-admin Parameters cipher: Sets a ciphertext key. simple: Sets a plaintext key. password: Specifies the key for tunnel authentication. This argument is case-sensitive. cipher is specified, it must be a ciphertext string of 1 to 53 characters. If simple is specified, it must be a string of 1 to 16 characters.
Parameters hello-interval: Specifies the interval at which the LAC or the LNS sends Hello packets, in the range of 60 to 1000 seconds. Usage guidelines When no packet is transmitted between the LAC and LNS, Hello packets are sent at the configured interval to prevent the L2TP tunnels and sessions from being removed due to timeouts.
Use undo timer-hold to restore the default. Syntax timer-hold seconds undo timer-hold Default The polling interval is 10 seconds. Views Virtual PPP interface view Predefined user roles network-admin Parameters seconds: Specifies the interval at which the LAC or the LNS sends keepalive packets, in the range of 0 to 32767 seconds.
Parameters domain domain-name: Specifies that the LAC initiate tunneling requests to the LNS when the domain name of a user matches a configured domain name. The domain-name argument represents the domain name of the user and is an case-insensitive string of 1 to 24 characters. fullusername user-name: Specifies that the LAC initiate tunneling requests to the LNS when the username of a user matches a configured full username.
The specified VPN must already exist. Examples # Configure the VPN vpn1 to which the tunnel peer belongs. <Sysname>system-view [Sysname] l2tp-group 1 mode lac [Sysname-l2tp1] vpn-instance vpn1 Related commands ip vpn-instance (MPLS Command Reference) • ip binding vpn-instance (MPLS Command Reference) •...
DDR commands bandwidth Use bandwidth to configure the expected bandwidth of an interface. Use undo bandwidth to restore the default. Syntax bandwidth bandwidth-value undo bandwidth Default The expected bandwidth (in kbps) is the interface baud rate divided by 1000. Views Dialer interface view Predefined user roles network-admin...
Usage guidelines CAUTION: The default command might interrupt ongoing network services. Make sure you are fully aware of the impacts of this command when you execute it on a live network. This command might fail to restore the default settings for some commands for reasons such as command dependencies or system restrictions.
Syntax dialer bundle enable undo dialer bundle enable Default No DDR is enabled on a dialer interface. Views Dialer interface view Predefined user roles network-admin Usage guidelines Before using bundle DDR, use this command to enable bundle DDR on a dialer interface. The undo dialer bundle enable command clears all DDR configurations on a dialer interface.
To make sure the server has enough time to place a return call, the link holddown timer of the client must be at least 10 seconds longer than that of the server. HP recommends that you set the link holddown timer to 5 seconds (the default) on the server, and 15 seconds on the client.
Predefined user roles network-admin Parameters idle: Link idle-timeout timer, setting the time for a link to stay idle before it is disconnected. The value range for this argument is 0 to 65535 seconds. in: Allows only incoming interesting packets to reset the timer. in-out: Allows both incoming and outgoing interesting packets to reset the timer.
Examples # Set the wait-carrier timer to 100 seconds on interface Dialer 0. <Sysname> system-view [Sysname] interface dialer 0 [Sysname-Dialer0] dialer timer wait-carrier 100 dialer timer warmup Use dialer timer warmup to configure the warm-up timer for dynamic route backup. Use undo dialer timer warmup to restore the default.
Views Dialer interface view Predefined user roles network-admin Parameters group-number: Number of the dialer access group, in the range of 1 to 255. You define it with the dialer-group rule command. Usage guidelines A dialer interface can belong to only one dialer access group. If you configure this command multiple times, the most recent configuration takes effect.
Usage guidelines Dial access rules are used to determine when an interface initiates DDR calls. You need to configure dial access rules only on the initiator of DDR calls. Dial access rules filter packets in one of the following ways: By protocol—Only IP packets can be matched.
network-operator Parameters interface-number: Existing dialer interface number. brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information. down: Displays information about interfaces in physically Down state and the causes. If you do not specify this keyword, this command displays information about interfaces in all states.
Page 43
<Sysname> display interface dialer brief down Brief information on interface(s) under route mode: Link: ADM - administratively down; Stby - standby Interface Link Cause Dia1 Administratively Table 8 Command output Field Description Physical state of the dialer interface: • UP—The dialer interface is physically up. Dialer1 •...
Field Description If the network layer protocol state of an interface is shown as UP, but its link Protocol: (s) - spoofing is an on-demand link or not present at all, its protocol attribute includes the spoofing flag (an s in parentheses). Interface Abbreviated interface name.
<Sysname> system-view [Sysname] interface dialer 1 Use mtu to set the MTU of a dialer interface. Use undo mtu to restore the default. Syntax mtu size undo mtu Default The MTU of dialer interfaces is 1500 bytes. Views Dialer interface view Predefined user roles network-admin Parameters...
Usage guidelines Before sampling network traffic within a specific period of time on an interface, you must clear the existing statistics. If neither dialer nor interface-number is specified, this command clears the statistics of all the interfaces. If only dialer is specified, this command clears the statistics of all dialer interfaces. If both dialer and interface-number are specified, this command clears the statistics of the specified dialer interface.
Related information Documents To find related documents, browse to the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals For related documentation, navigate to the Networking section, and select a networking category. •...
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...
Page 49
Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Index A B D I L M P R S T U V W lns-ip,17 allow l2tp,6 mandatory-chap,17 mandatory-lcp,18 bandwidth,7 mtu,41 bandwidth,29 pppoe-client,3 default,29 default,8 description,8 reset counters interface,41 description,30 reset counters interface virtual-ppp,19 dialer bundle enable,30 reset l2tp tunnel,20 dialer diagnose,1 reset...